feat: throw error 403 if creds incorrect

This commit is contained in:
Laureηt 2022-05-27 17:12:08 +02:00
parent a8f6b30f1f
commit 63d7c0c53a
No known key found for this signature in database
GPG key ID: D88C6B294FD40994

View file

@ -9,6 +9,7 @@ import javax.persistence.TypedQuery;
import javax.persistence.NoResultException;
import javax.ws.rs.Consumes;
import javax.ws.rs.CookieParam;
import javax.ws.rs.ForbiddenException;
import javax.ws.rs.GET;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.POST;
@ -99,9 +100,8 @@ public class UserService {
try {
// si on trouve l'utilisateur via son sessionID
user = User.fromSessionID(cookie.getValue(), em);
LOGGER.info(user.getUsername() + " already logged in");
// TODO: renvoyer un json avec les creds
} catch (NoResultException e) {
// on trouve le user à partir de son username
user = em.find(User.class, username);
@ -117,6 +117,7 @@ public class UserService {
LOGGER.info(user.getUsername() + " logged in");
} else {
LOGGER.info("incorrect creds for " + user.getUsername());
throw new ForbiddenException();
}
}
}